The neat thing about the RED is that it can’t be misconfigured when it arrives at the remote office.

You enter the unique device ID printed on your RED into your Sophos Network Security Gateway (or UTM for short) back at HQ, and a new configuration file is automatically created and stored with the Sophos provisioning service.

When the non-techie at the remote office plugs in the unit and turns it on for the first time, the RED and the cloud automatically do the rest.

You end up with an encrypted Virtual Private Network (VPN) connection that is equivalent to having your remote workers plugged into your wired network at head office.

Delivering a product of this sort that Just Works isn’t a job for the faint hearted programmer.

The challenge of words like zero in computer science is that they are unambiguously absolute.

So when you promise a “zero configuration” experience, you really have to mean it: you can’t have a single pop-up dialog, tick box, or [OK] button.

→ Even a washing machine typically needs some user-side configuration, no matter that it’s just twiddling a dial and pressing a switch.

So, congratulations to our techie brothers and sisters for making “zero” mean zero!

By the way, if you’re wondering why you might want to consider a full-blown VPN instead of just relying on remote workers to connect to key services over HTTPS, take a look at some of the comments on our recent Wireless Security Myths video.

HTTPS secures individual transactions, but it doesn’t secure the DNS lookups of your remote users, and it doesn’t shield the times or destinations of their connections.

That might not sound like a lot, but an attacker who controls your DNS can entirely own your network, and an attacker who knows the pattern of your communications can apply traffic analysis and learn more about your business than you might like.

Much worse, rather obviously, is that HTTPS works with co-operating secure websites only; it protects nothing else that leaves or enters your computer.

So…which company’s product would I recommend for remote office connectivity?

Let me just say, “You can work it out just by looking at the URL of this article.”

About the author

Paul Ducklin is a passionate security proselytiser. (That's like an evangelist, but more so!) He lives and breathes computer security, and would be happy for you to do so, too.
Follow him on Twitter: @duckblog

One comment on “Sophos RED scoops “Protector Award” at this year’s AusCERT conference”